Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.
This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.
- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
- Fix a sneaky memory leak re: CryptoBuffer.ToSECItem
MozReview-Commit-ID: Jf6gNPauT4Y

Please be apprised of the following Legal Notices:A) The U.S. District Court for the Eastern District of Virginia hasruled that the Netscape Navigator code does not infringe Wang's U.S.Patent No. 4,751,669 ("the '669 Patent") because: 1) HTML is notVideotex as defined by the '669 patent; 2) web servers are not centralsuppliers; and 3) Navigator does not "connect," as defined by the '669Patent, to web servers on the Internet. Wang may appeal this decision tothe Federal Circuit. Wang contended that its Patent disclosing a"Videotex" system, is infringed by the following functionality in theNetscape Navigator code: 1) the animated logo and status line indicators--See Claims 1,8 and 9; 2) the "File Save As" function --See Claims23-27; 3) Bookmarks and Rename Bookmarks in the Properties window --SeeClaims 20-22; 4) storing HTML, GIF, and JPEG files and adding filenameextensions --See Claim 38B) Intermind owns pending U.S. patent applications on communicationssystems which employ metadata ("channel objects") to define a controlstructure for information transfer. The Netscape code does not infringeas released; however, modifications which utilize channel objects asdescribed by Intermind should be considered carefully. The following isa statement from Intermind: "Intermind's claims fundamentally involvethe use of a control structure to automate communications. ...Theessence of Intermind's top claim is that two devices sender and receiverhave persistent storage, communicate over a network, and exchange acontrol structure including metadata which describes: 1) whatinformation is to be updated, 2) when to update this information, and 3)how to transfer the updated information. In addition, at least thereceiving device must be able to process the metadata in order toperform the update determination and transfer. Any digitalcommunications system which incorporates all of these elements will becovered by Intermind's patents." See Intermind.com.C) Stac, Inc., and its licensing agent Hi/fn, own several patents whichdisclose data compression methods implementing an LZS compressionalgorithm, including U.S. Patent Nos. 4,701,745 and 5,016, 009 ("theStac Patents"). The Netscape Communicator code does not performcompression. If you modify the Netscape source code to performcompression, please take notice of the Stac Patents.D) Netscape Communications Corporation ("Netscape") does not guaranteethat any source code or executable code available from the mozilla.orgdomain is Year 2000 compliant.